On 07/31/2012 12:06 PM, Daniel P. Berrange wrote: > On Tue, Jul 31, 2012 at 11:26:05AM -0400, Corey Bryant wrote: >> >> At this point I wonder if we might be able to get away with no XML >> modifications since we know that we only want to attempt to run the >> helper when libvirt is running unprivileged. > I certainly don't expect there to be any changes to the XML for the > purposes of supporting this QEMU bridge helper proxy. It should be > automatically used when type=bridge or type=network on the > <interface>, as a private implementation detail of libvirt not > exposed to applications in the XML. When libvirt changes to > separate its nework setup code out of libvirtd, then we will be able > to transparently stop using the proxy helper. I would greatly prefer that as well, as long as nobody is bothered by the potential upgrade problem I outlined in my previous mail - if there is config required outside libvirt to enable particular users to use the qemu helper, and if there is also extra config required to enable the capability for users when libvirt no longer requires the qemu helper, there could be cases where a working config would cease to work (until extra measures were taken) after an upgrade. If that situation is acceptable, then I also agree that no XML modifications is much better. -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list